54ad21336a3ba9916d702ffc6d62b0d252d6f087a6c33cb625fbf994278006d7

General

Target

54ad21336a3ba9916d702ffc6d62b0d252d6f087a6c33cb625fbf994278006d7.apk
Size

2.3MB
MD5

792bd65ae4c361dfedeb8d27909bd668
SHA1

0ae9acb080132bf9c368aca845e77ce29d02fbfe
SHA256

54ad21336a3ba9916d702ffc6d62b0d252d6f087a6c33cb625fbf994278006d7
SHA512

e3e96d34e8bb02a8950789420151e2bfbb18d46e45a14d383a34b64179327c0ee6dcc538e3b7e71824ad1759119958de085050e2fd66c1843041ad64239feeba
SSDEEP

49152:bXJCiQWOLoP2sInaoZnBwQFWjjoYgPt6FNQZqeCxC5WzQpK0IwrUhmqO1UX:bZFWC2sINBTF2jfyhdCxC5WzQk0Iwwh1

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk	4204	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/oat/x86/abbcf405ff5b13ca9103b08176b80d22.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk	4105	an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk	4258	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/oat/x86/ecb25c09b9c0d92b7bc0c88e61798d7d.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk	4105	an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514

an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514
1⤵
- Loads dropped Dex/Jar
PID:4105
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/oat/x86/abbcf405ff5b13ca9103b08176b80d22.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4204
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/oat/x86/ecb25c09b9c0d92b7bc0c88e61798d7d.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4258

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk

Filesize
103KB

MD5
602fc9db682350515ccdb730222e26d1

SHA1
c2afb5d111f59e2ae49e05148b60276f4b1ee3dc

SHA256
7b8f1ec2a1e3ab3cb120b889cb498fbe23e04a2d4cc72e726419c44fd6fe22d0

SHA512
b868a9151c278e94cc1290f01b321f570e479a2f21bd9bd5497b5810874d95ca139252f8b76aff530c904e503e5daf60856c02c5f0575e1ba88b45a3cc0efff7

Download Submit
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk

Filesize
288KB

MD5
d6018b602748e561b55b978b1c0b71f0

SHA1
0af8d843591221e4a6702c74489346950106479d

SHA256
66159b2e6a3ba4b5405f8282251c933c751719dfff66880721f1cd167347a472

SHA512
8910714b0ff6988f10e6396b925564152b395ce875dfe9b090fdbc71efdde5d07510210cb1e96e427d8a740212d902d07ea1faecd23b65b85c6a7918a577a349

Download Submit
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/files/abbcf405ff5b13ca9103b08176b80d22.apk

Filesize
288KB

MD5
6e3dcf3d9e26fc6ff1d01d665d9f4abf

SHA1
9d650a45db1de9b3a482efb87a03370c520fe5e3

SHA256
3e21f3b9703944e23a840be62f083dae19f48ec29c0c8aafa28d5d38958a07ed

SHA512
093d129ef40e1117ee2b71f0cd88299a5969f575238b3566b3646cf65bc409c2788ca01b5a08965c8a03531bc6e61cfd2213e3a493cbaf846288822e74b0dec2

Download Submit
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk

Filesize
1.2MB

MD5
52cbbe6d9088f4d51efd880b55649f47

SHA1
11a7340139d61430186b6c742c7e8a7edfd76fc8

SHA256
e922673eeb97408e1a2359bcdc4d2e925973e3abcadde46bf991c3e6e3287d14

SHA512
8e80b5ec7c97eb0250556d6dec59525e9cea9858a9fd64e1f65c4f2aaaf219ab3a82d32916cbed44d980473caed464c4217dee51bd7a70fb78afde4a338da2a4

Download Submit
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk

Filesize
684KB

MD5
76cca9ea9e5bcc744cda8c9eac7b7fa6

SHA1
65e04368511bfe1679f162a2e706223069a61064

SHA256
ca78d507e24db26a9c41c7befbdc0e4cd052f40b130504ac763a06896f1eb744

SHA512
e60ed9d40265e1ed2d74a142d13f78d769d41cc448cc1635171de4a53e1173bd67304106bdeb7a8e0c410a4c101b764259402ce8ddebb501d489285ff125f58b

Download Submit
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/realshell/ecb25c09b9c0d92b7bc0c88e61798d7d.apk

Filesize
1.1MB

MD5
7e6756d93146e5d9dfcdcd7e4dd9d003

SHA1
86813f35eee20152d063b2d519fbe257f9a0edaf

SHA256
91a0325fb73be0489804b942adf411e04f235adb24f50c41d0989c371027a866

SHA512
04b907f2cf7c6636c007da368bb325b3a105773d35e82b4ebd0f11ed9c7a36427c7365a3d8680e5c59fe905e8d860e54f356c071aac9cabf20fdfa87de11a4f3

Download Submit
/data/user/0/an.wkhrjudzh.gfwiezsnleqa.k48117.da9d8bf17514/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
fd49240c5119ea50a1c863f3f5f4a056

SHA1
3381807885810ad8660f0029f1d9ba0c941ba022

SHA256
8928b6a02681bf382637991c1f46cefc3acfa5ed2356657e11444fb95dfe79e1

SHA512
a4be8f6c2c8f69b1cdf8647e062c7bc7780d43a9752141c39b7ac1fb48e4cfa02565a86bfbc34dc1fd2177cb0b308f0fa19947c1dfb0faaac311af0658577fec

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads